cool-workflow 0.1.82 → 0.1.84
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +2 -2
- package/.codex-plugin/plugin.json +4 -4
- package/README.md +128 -120
- package/apps/architecture-review/app.json +1 -1
- package/apps/architecture-review-fast/app.json +1 -1
- package/apps/end-to-end-golden-path/app.json +1 -1
- package/apps/pr-review-fix-ci/app.json +1 -1
- package/apps/release-cut/app.json +1 -1
- package/apps/research-synthesis/app.json +1 -1
- package/dist/capability-core.js +16 -8
- package/dist/capability-registry.js +270 -0
- package/dist/cli/command-surface.js +1320 -0
- package/dist/cli.js +2 -1307
- package/dist/commit.js +5 -1
- package/dist/doctor.js +153 -0
- package/dist/mcp-server.js +15 -1451
- package/dist/mcp-surface.js +1441 -0
- package/dist/orchestrator.js +13 -0
- package/dist/reclamation/hash.js +72 -0
- package/dist/reclamation.js +25 -78
- package/dist/run-registry/queue.js +6 -7
- package/dist/run-registry.js +35 -24
- package/dist/scheduler.js +78 -53
- package/dist/version.js +1 -1
- package/dist/worker-accept/acceptance.js +114 -0
- package/dist/worker-accept/blackboard-fanout.js +80 -0
- package/dist/worker-accept/blackboard-linkage.js +19 -0
- package/dist/worker-accept/context.js +2 -0
- package/dist/worker-accept/telemetry-ledger.js +116 -0
- package/dist/worker-accept/validation.js +77 -0
- package/dist/worker-accept/verifier-completion.js +73 -0
- package/dist/worker-isolation.js +41 -446
- package/docs/agent-delegation-drive.7.md +94 -86
- package/docs/agent-framework.md +33 -32
- package/docs/candidate-scoring.7.md +26 -24
- package/docs/canonical-workflow-apps.7.md +40 -40
- package/docs/capability-topology-registry.7.md +24 -24
- package/docs/cli-mcp-parity.7.md +230 -154
- package/docs/contract-migration-tooling.7.md +52 -41
- package/docs/control-plane-scheduling.7.md +49 -41
- package/docs/coordinator-blackboard.7.md +30 -30
- package/docs/dogfood-one-real-repo.7.md +44 -44
- package/docs/durable-state-and-locking.7.md +38 -30
- package/docs/end-to-end-golden-path.7.md +29 -29
- package/docs/error-feedback.7.md +27 -27
- package/docs/evidence-adoption-reasoning-chain.7.md +66 -58
- package/docs/execution-backends.7.md +88 -80
- package/docs/getting-started.md +35 -18
- package/docs/index.md +3 -3
- package/docs/mcp-app-surface.7.md +64 -64
- package/docs/multi-agent-cli-mcp-surface.7.md +86 -77
- package/docs/multi-agent-eval-replay-harness.7.md +63 -55
- package/docs/multi-agent-operator-ux.7.md +73 -65
- package/docs/multi-agent-runtime-core.7.md +39 -39
- package/docs/multi-agent-topologies.7.md +24 -24
- package/docs/multi-agent-trust-policy-audit.7.md +38 -38
- package/docs/node-snapshot-diff-replay.7.md +30 -22
- package/docs/observability-cost-accounting.7.md +53 -45
- package/docs/operator-ux.7.md +30 -30
- package/docs/pipeline-runner.7.md +31 -31
- package/docs/project-index.md +16 -5
- package/docs/real-execution-backends.7.md +51 -43
- package/docs/release-and-migration.7.md +46 -38
- package/docs/release-tooling.7.md +67 -50
- package/docs/routines.md +16 -16
- package/docs/run-registry-control-plane.7.md +124 -116
- package/docs/run-retention-reclamation.7.md +49 -41
- package/docs/sandbox-profiles.7.md +32 -32
- package/docs/scheduled-tasks.md +14 -14
- package/docs/security-trust-hardening.7.md +29 -29
- package/docs/source-context-profiles.7.md +28 -28
- package/docs/state-explosion-management.7.md +67 -59
- package/docs/state-node.7.md +8 -8
- package/docs/team-collaboration.7.md +66 -58
- package/docs/trust-model.md +126 -126
- package/docs/unix-principles.md +80 -80
- package/docs/vendor-manifest-loadability.7.md +20 -20
- package/docs/verifier-gated-commit.7.md +16 -16
- package/docs/web-desktop-workbench.7.md +73 -65
- package/docs/worker-isolation.7.md +34 -37
- package/docs/workflow-app-framework.7.md +38 -38
- package/manifest/plugin.manifest.json +4 -4
- package/package.json +3 -2
- package/scripts/bump-version.js +9 -1
- package/scripts/canonical-apps.js +4 -4
- package/scripts/dogfood-release.js +1 -1
- package/scripts/gen-parity-doc.js +106 -0
- package/scripts/golden-path.js +4 -4
- package/scripts/parity-check.js +27 -57
- package/scripts/release-flow.js +7 -6
- package/scripts/sync-project-index.js +1 -1
- package/dist/verifier-registry.js +0 -46
|
@@ -1,99 +1,99 @@
|
|
|
1
1
|
# Web / Desktop Workbench
|
|
2
2
|
|
|
3
|
-
CW v0.1.30 adds the Web / Desktop Workbench: a
|
|
3
|
+
CW v0.1.30 adds the Web / Desktop Workbench: a console for people that shows
|
|
4
4
|
a run's five operator surfaces — run graph, blackboard, worker logs, candidate
|
|
5
|
-
compare, and audit timeline — plus a
|
|
5
|
+
compare, and audit timeline — plus a way in across runs over the v0.1.28 Run
|
|
6
6
|
Registry. It is a THIRD FRONT DOOR, not a new brain.
|
|
7
7
|
|
|
8
|
-
Before v0.1.30 CW had no web/HTTP/UI surface at all: the CLI
|
|
9
|
-
speed and the MCP server (JSON-RPC over stdio)
|
|
10
|
-
Workbench
|
|
11
|
-
decides, and
|
|
8
|
+
Before v0.1.30 CW had no web/HTTP/UI surface at all: the CLI showed things at human
|
|
9
|
+
speed and the MCP server (JSON-RPC over stdio) showed things for machine context. The
|
|
10
|
+
Workbench lets a person look at a run quickly — and adds NOTHING else. It works out,
|
|
11
|
+
decides, and keeps nothing that the CLI/MCP cannot already make.
|
|
12
12
|
|
|
13
13
|
## The third front door (mechanism vs policy)
|
|
14
14
|
|
|
15
15
|
The kernel and the durable `.cw/` state are the MECHANISM. The CLI, the MCP
|
|
16
|
-
surface, and the Workbench are three
|
|
16
|
+
surface, and the Workbench are three ways to show it — three policies — over that one
|
|
17
17
|
mechanism:
|
|
18
18
|
|
|
19
19
|
- the per-run `.cw/runs/<id>/state.json` is the SINGLE source of truth
|
|
20
|
-
- the v0.1.28 Run Registry is a DERIVED
|
|
20
|
+
- the v0.1.28 Run Registry is a DERIVED index over runs across repos that you can build again
|
|
21
21
|
- the Workbench is a STATELESS, READ-ONLY RENDERER over both
|
|
22
22
|
|
|
23
|
-
Every Workbench panel
|
|
24
|
-
already
|
|
25
|
-
entries the CLI and MCP
|
|
23
|
+
Every Workbench panel holds, VERBATIM, the true `--json` payload of ONE
|
|
24
|
+
capability already named, put together by calling the SAME capability core
|
|
25
|
+
entries the CLI and MCP go through (the v0.1.27 parity contract, see
|
|
26
26
|
[CLI ↔ MCP Parity](cli-mcp-parity.7.md)). The Workbench can show nothing the CLI
|
|
27
|
-
or MCP cannot; a `workbench.view` panel is byte-for-byte equal to
|
|
28
|
-
`cw <cmd> --json` payload, and that
|
|
27
|
+
or MCP cannot; a `workbench.view` panel is byte-for-byte equal to the
|
|
28
|
+
`cw <cmd> --json` payload under it, and that sameness is parity-gated.
|
|
29
29
|
|
|
30
30
|
## No hidden dashboard database
|
|
31
31
|
|
|
32
|
-
CW's README
|
|
33
|
-
|
|
32
|
+
CW's README gives its word that there is "no hidden dashboard database." The Workbench
|
|
33
|
+
keeps that word by holding ZERO authoritative state:
|
|
34
34
|
|
|
35
|
-
- it
|
|
36
|
-
- every response is
|
|
35
|
+
- it keeps nothing — there is no Workbench store, cache, or schema
|
|
36
|
+
- every response is made again, when asked, from disk; refresh re-reads `.cw/`
|
|
37
37
|
- delete the host process and nothing is lost — the data IS the files
|
|
38
38
|
- it forks no run/state schema; the view models in `src/types.ts`
|
|
39
39
|
(`WorkbenchRunView`, `WorkbenchPanel`, `WorkbenchServeDescriptor`) are DERIVED
|
|
40
|
-
projections that
|
|
40
|
+
projections that hold payloads that already exist, never copies of them
|
|
41
41
|
|
|
42
|
-
The Workbench is OPTIONAL,
|
|
43
|
-
committed `dist/` and a plain `node` runtime keep working
|
|
44
|
-
its static UI assets under `ui/workbench/`)
|
|
42
|
+
The Workbench is OPTIONAL, the way Bun is an optional execution backend: the
|
|
43
|
+
committed `dist/` and a plain `node` runtime keep working when the Workbench (and
|
|
44
|
+
its static UI assets under `ui/workbench/`) is not there. The kernel imports the
|
|
45
45
|
Workbench never; the Workbench imports the kernel.
|
|
46
46
|
|
|
47
47
|
## The five panels
|
|
48
48
|
|
|
49
|
-
Each panel
|
|
50
|
-
|
|
49
|
+
Each panel shows operator words that already exist, with the same names and
|
|
50
|
+
meaning as the CLI (least surprise). For run `<id>`:
|
|
51
51
|
|
|
52
52
|
1. RUN GRAPH — `cw graph <id> --json` (operator graph) plus
|
|
53
53
|
`cw multi-agent graph <id> [--view compact|critical-path] --json`. Backend
|
|
54
|
-
ids/attestations (v0.1.29)
|
|
55
|
-
missing evidence, and policy violations are never
|
|
54
|
+
ids/attestations (v0.1.29) sit on the nodes; the critical path, failures,
|
|
55
|
+
missing evidence, and policy violations are never folded away.
|
|
56
56
|
2. BLACKBOARD — `cw coordinator summary <id>`, `cw blackboard summarize <id>
|
|
57
57
|
--json`, and `cw blackboard graph <id>`: topics, messages, contexts,
|
|
58
58
|
artifacts, snapshots, decisions, conflicts, and adopted/missing evidence.
|
|
59
59
|
3. WORKER LOGS — `cw worker summary <id> --json`: manifests, outputs, scoped
|
|
60
60
|
results, failures, and the recorded execution backend + sandbox attestation.
|
|
61
61
|
4. CANDIDATE COMPARE — `cw candidate summary <id> --json` plus
|
|
62
|
-
`cw multi-agent reasoning <id> --json`: scores, selection,
|
|
62
|
+
`cw multi-agent reasoning <id> --json`: scores, selection, reasons for turning down,
|
|
63
63
|
and the v0.1.26 evidence-adoption reasoning chain (why adopted).
|
|
64
64
|
5. AUDIT TIMELINE — `cw audit summary <id>`, `cw audit multi-agent <id> --json`,
|
|
65
65
|
`cw audit policy <id> --json`, and `cw audit judge <id> --json`: trust-audit
|
|
66
66
|
events, role policy decisions, provenance, judge/chair rationale, and policy
|
|
67
67
|
violations.
|
|
68
68
|
|
|
69
|
-
|
|
70
|
-
--json` + `cw run list|search --json`);
|
|
69
|
+
The way in across runs lists/searches runs through the Run Registry (`cw registry show
|
|
70
|
+
--json` + `cw run list|search --json`); going into a run opens its five panels.
|
|
71
71
|
|
|
72
72
|
## Explicit, inspectable, fail closed
|
|
73
73
|
|
|
74
|
-
The Workbench
|
|
75
|
-
(a run with no blackboard yet, or
|
|
76
|
-
`absent` with the
|
|
77
|
-
is `resolved: false`. It never
|
|
74
|
+
The Workbench shows freshness in a true way. When a source capability cannot be read
|
|
75
|
+
(a run with no blackboard yet, or state that cannot be worked out), the panel is shown
|
|
76
|
+
`absent` with the true error — just what the CLI would report — and the view
|
|
77
|
+
is `resolved: false`. It never makes up a view when source state cannot be read.
|
|
78
78
|
The same `valid`/`stale`/`absent`/`missing` freshness the runtime already records
|
|
79
|
-
(Run Registry, Evidence Adoption Reasoning Chain, state-explosion summaries)
|
|
79
|
+
(Run Registry, Evidence Adoption Reasoning Chain, state-explosion summaries) goes
|
|
80
80
|
through verbatim.
|
|
81
81
|
|
|
82
82
|
## Trust boundary
|
|
83
83
|
|
|
84
|
-
The host
|
|
84
|
+
The host has least privilege and is local by default:
|
|
85
85
|
|
|
86
86
|
- it binds the loopback interface `127.0.0.1` ONLY — never a public address
|
|
87
|
-
- it is READ-ONLY: every route is `GET`; any write verb is
|
|
88
|
-
- it
|
|
89
|
-
- it
|
|
90
|
-
- it serves nothing
|
|
87
|
+
- it is READ-ONLY: every route is `GET`; any write verb is turned away with `405`
|
|
88
|
+
- it turns away non-localhost `Host` headers (a DNS-rebinding defense) with `403`
|
|
89
|
+
- it turns away path traversal out of `ui/workbench/` with `403`
|
|
90
|
+
- it serves nothing past the current user's `.cw/` scope and the Run Registry's
|
|
91
91
|
registered repos
|
|
92
92
|
- it fails closed on anything it cannot read
|
|
93
93
|
|
|
94
|
-
The console is read-only. It offers no actions. If a
|
|
95
|
-
(resume, rerun, dispatch), that action MUST
|
|
96
|
-
capability core entry — never a
|
|
94
|
+
The console is read-only. It offers no actions. If a later release adds an action
|
|
95
|
+
(resume, rerun, dispatch), that action MUST go through a declared
|
|
96
|
+
capability core entry that already exists — never a side code path — so it cannot drift from the
|
|
97
97
|
CLI/MCP and is covered by the parity gate.
|
|
98
98
|
|
|
99
99
|
## Surfaces
|
|
@@ -104,13 +104,13 @@ cw workbench serve [--port N] [--scope repo|home] [--once|--json]
|
|
|
104
104
|
```
|
|
105
105
|
|
|
106
106
|
`cw workbench serve` with `--once`/`--json` prints the serve descriptor (bind
|
|
107
|
-
host/port, scope, routes) and
|
|
107
|
+
host/port, scope, routes) and stops without starting a server; the default starts
|
|
108
108
|
the localhost host (like `schedule daemon`). The MCP tools `cw_workbench_view` and
|
|
109
|
-
`cw_workbench_serve`
|
|
110
|
-
CLI `--json`, and `cw_workbench_serve`
|
|
111
|
-
host cannot start a
|
|
112
|
-
declared, documented payload divergence
|
|
113
|
-
the descriptor payload itself is
|
|
109
|
+
`cw_workbench_serve` match these: `cw_workbench_view` gives back the same view as the
|
|
110
|
+
CLI `--json`, and `cw_workbench_serve` gives back the descriptor only — an MCP stdio
|
|
111
|
+
host cannot start a server that blocks. That one side-effect difference is the
|
|
112
|
+
declared, documented payload divergence written down in `src/capability-registry.ts`;
|
|
113
|
+
the descriptor payload itself is the same across surfaces.
|
|
114
114
|
|
|
115
115
|
The read-only HTTP routes the host serves:
|
|
116
116
|
|
|
@@ -124,9 +124,9 @@ GET /api/run/:runId # the five-panel WorkbenchRunView
|
|
|
124
124
|
|
|
125
125
|
## Version
|
|
126
126
|
|
|
127
|
-
This is CW v0.1.30. The Workbench changes no run-state schema and
|
|
128
|
-
migration: it is a pure read-only projection over
|
|
129
|
-
|
|
127
|
+
This is CW v0.1.30. The Workbench changes no run-state schema and needs no
|
|
128
|
+
migration: it is a pure read-only projection over durable state that already exists and
|
|
129
|
+
capability payloads that already exist. Taking it away leaves the framework fully working.
|
|
130
130
|
|
|
131
131
|
See also [Operator UX](operator-ux.7.md), [CLI ↔ MCP Parity](cli-mcp-parity.7.md),
|
|
132
132
|
and [Run Registry / Control Plane](run-registry-control-plane.7.md).
|
|
@@ -134,12 +134,12 @@ and [Run Registry / Control Plane](run-registry-control-plane.7.md).
|
|
|
134
134
|
## Observability + Cost Accounting (v0.1.31)
|
|
135
135
|
|
|
136
136
|
v0.1.31 adds Observability + Cost Accounting: `metrics show`/`metrics summary`
|
|
137
|
-
|
|
138
|
-
fail-closed `n/a`), and host-attested token/cost from
|
|
137
|
+
work out durations, failure/verifier/acceptance rates (with sample counts and
|
|
138
|
+
fail-closed `n/a`), and host-attested token/cost from durable run state that already exists
|
|
139
139
|
— no metrics database, no collector daemon, no hidden counter. Usage is additive
|
|
140
140
|
and optional (absent ⇒ `unreported`, never 0); cost is `attested` (attested usage
|
|
141
141
|
× a recorded pricing policy) or clearly `estimated`, with pricing as policy. Both
|
|
142
|
-
verbs are parity-gated and
|
|
142
|
+
verbs are parity-gated and show read-only in the v0.1.30 Workbench. See
|
|
143
143
|
[observability-cost-accounting.7.md](observability-cost-accounting.7.md).
|
|
144
144
|
|
|
145
145
|
|
|
@@ -149,19 +149,19 @@ v0.1.32 adds Team Collaboration: a host-attested actor and append-only
|
|
|
149
149
|
approvals/rejections/comments/handoffs provenance-linked to a durable target,
|
|
150
150
|
plus a review gate that STACKS ON the verifier gate — required approvals from
|
|
151
151
|
authorized roles, enforced inside `resolveCommitGate` AFTER the verifier checks
|
|
152
|
-
and never
|
|
152
|
+
and never in place of them, failing closed on quorum/authority/self-approval and
|
|
153
153
|
recording who approved the very artifact that shipped. Policy (required approvals,
|
|
154
|
-
authorized roles, self-approval) is data, default
|
|
155
|
-
unchanged). The verbs are parity-gated and
|
|
154
|
+
authorized roles, self-approval) is data, off by default (pre-v0.1.32 behavior
|
|
155
|
+
unchanged). The verbs are parity-gated and show read-only in the v0.1.30
|
|
156
156
|
Workbench. See [Team Collaboration](team-collaboration.7.md).
|
|
157
157
|
|
|
158
158
|
## Release Tooling (v0.1.33)
|
|
159
159
|
|
|
160
|
-
the per-tag mechanical surfaces (version bump across 17 surfaces, feature scaffold, and the forward-reference docs) become deterministic scripts, with a
|
|
160
|
+
the per-tag mechanical surfaces (version bump across 17 surfaces, feature scaffold, and the forward-reference docs) become deterministic scripts, with a release gate that has no doubled steps. See release-tooling(7).
|
|
161
161
|
|
|
162
162
|
## Real Execution Backend Integrations (v0.1.34)
|
|
163
163
|
|
|
164
|
-
container/remote/ci backends really
|
|
164
|
+
container/remote/ci backends really run (docker/podman run, remote/CI POST-and-poll) under the sandbox contract, with byte-stable evidence vs node and fail-closed refusal when a runtime/endpoint is not there. See real-execution-backends(7).
|
|
165
165
|
|
|
166
166
|
## Node Snapshot / Diff / Replay (v0.1.35)
|
|
167
167
|
|
|
@@ -169,7 +169,7 @@ per-node snapshot, structural diff, and isolated deterministic replay over State
|
|
|
169
169
|
|
|
170
170
|
## Contract Migration Tooling (v0.1.36)
|
|
171
171
|
|
|
172
|
-
first-class declared migration registry (run-state + workflow-app) with per-edge compatibility proofs, fail-closed reachability, and a round-trip/non-destruction prover. See contract-migration-tooling(7).
|
|
172
|
+
first-class declared migration registry (run-state + workflow-app) with per-edge compatibility proofs, fail-closed reachability, and a round-trip/non-destruction prover that checks it. See contract-migration-tooling(7).
|
|
173
173
|
|
|
174
174
|
## Control-Plane Scheduling (v0.1.37)
|
|
175
175
|
|
|
@@ -177,11 +177,11 @@ priority + concurrency limits + lease lifecycle + retry/backoff + fail-closed pa
|
|
|
177
177
|
|
|
178
178
|
## Agent Delegation Drive (v0.1.38)
|
|
179
179
|
|
|
180
|
-
|
|
180
|
+
start an outside agent process for each worker, take result.md + attestation, auto-drive plan->dispatch->fulfill->accept->commit
|
|
181
181
|
|
|
182
182
|
## Run Retention & Provable Reclamation (v0.1.39)
|
|
183
183
|
|
|
184
|
-
tiered, append-only, cryptographically-verifiable run reclamation: seal the audit skeleton, free the
|
|
184
|
+
tiered, append-only, cryptographically-verifiable run reclamation: seal the audit skeleton, free the bulk that can be built again, prove it
|
|
185
185
|
|
|
186
186
|
## Durable State & Locking (v0.1.40)
|
|
187
187
|
|
|
@@ -193,15 +193,15 @@ evidence grounding + durable audit append + symlink-hardened containment + deter
|
|
|
193
193
|
|
|
194
194
|
## Robust Result Ingest (v0.1.42)
|
|
195
195
|
|
|
196
|
-
|
|
196
|
+
take findings/evidence from any reasonable agent shape (alt keys + prose), CW works out grounded evidence itself, warn on empty capture — closes the v0.1.41 live-drive 'accepted with 0 captured' failure
|
|
197
197
|
|
|
198
198
|
## No-False-Green Gate & Launch Prep (v0.1.43)
|
|
199
199
|
|
|
200
|
-
Hard gate
|
|
200
|
+
Hard gate that blocks empty-capture verifier-gated commits, plus quickstart and launch-prep docs.
|
|
201
201
|
|
|
202
202
|
## Release-Gate Determinism & Agents Vendor (v0.1.44)
|
|
203
203
|
|
|
204
|
-
Release-readiness checks now
|
|
204
|
+
Release-readiness checks now check the committed blob (`git show HEAD:<path>`) in place of the mutable working tree — taking away false-red/false-green from working-tree writes at the same time (iCloud/Spotlight/editor). Adds the `agents` vendor manifest target: a generated `.agents/plugins/cool-workflow/` adapter that gives any non-Claude AI agent one common interface to CW.
|
|
205
205
|
|
|
206
206
|
## P1-P2 Fixes & CI Content Surfaces (v0.1.49)
|
|
207
207
|
|
|
@@ -218,7 +218,15 @@ Migration DAG with reversible edges (v0.1.45), capability auto-discovery (v0.1.4
|
|
|
218
218
|
|
|
219
219
|
## Fast Architecture Review (v0.1.80)
|
|
220
220
|
|
|
221
|
-
Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports,
|
|
221
|
+
Adds the opt-in fast architecture-review lane: scoped JSONL source contexts, diff-aware exports, Map and Assess results you can use again, wrapper metrics you can measure, a background full-review handoff you can act on, and userland model policy flags for routing fast/strong workers without changing the full review contract.
|
|
222
222
|
|
|
223
223
|
_No changes to the Web / Desktop Workbench in v0.1.81._
|
|
224
224
|
_No changes in v0.1.82._
|
|
225
|
+
|
|
226
|
+
## Hardening and Onboarding (v0.1.83)
|
|
227
|
+
|
|
228
|
+
Loaders fail closed on corrupt state; store writes are made safe under more than one writer; a new cw doctor checks your setup; help lists every command; and the docs are put into Basic English.
|
|
229
|
+
|
|
230
|
+
## Privacy Release (v0.1.84)
|
|
231
|
+
|
|
232
|
+
No other change to this page in v0.1.84.
|
|
@@ -28,15 +28,15 @@ node dist/cli.js dispatch <run-id> --sandbox readonly
|
|
|
28
28
|
|
|
29
29
|
## DESCRIPTION
|
|
30
30
|
|
|
31
|
-
Worker Isolation is the small boundary layer between dispatch
|
|
32
|
-
task prompts, worker-local files, result envelopes, StateNode
|
|
33
|
-
PipelineRunner verifier gates, ErrorFeedback, and reports.
|
|
31
|
+
Worker Isolation is the small boundary layer that sits between dispatch
|
|
32
|
+
manifests, worker task prompts, worker-local files, result envelopes, StateNode
|
|
33
|
+
records, PipelineRunner verifier gates, ErrorFeedback, and reports.
|
|
34
34
|
|
|
35
35
|
It is not a process sandbox, container runtime, lease manager, or autonomous
|
|
36
36
|
agent spawner. CW still writes task artifacts. Operators or the agent host run
|
|
37
|
-
workers
|
|
37
|
+
workers themselves and send results back through named files.
|
|
38
38
|
|
|
39
|
-
The kernel
|
|
39
|
+
The kernel keeps only these jobs:
|
|
40
40
|
|
|
41
41
|
- worker scope allocation
|
|
42
42
|
- stable worker manifests
|
|
@@ -48,8 +48,8 @@ The kernel owns only:
|
|
|
48
48
|
|
|
49
49
|
## WORKER MODEL
|
|
50
50
|
|
|
51
|
-
Dispatch moves runnable tasks to `running` and
|
|
52
|
-
dispatched task. Each worker
|
|
51
|
+
Dispatch moves runnable tasks to `running` and gives one worker scope to each
|
|
52
|
+
dispatched task. Each worker gets a plain input file and a result path.
|
|
53
53
|
|
|
54
54
|
The normal flow is:
|
|
55
55
|
|
|
@@ -58,14 +58,14 @@ dispatch task -> worker scope -> worker.json + manifest.json/input.md -> result.
|
|
|
58
58
|
-> result node -> verifier node -> commit/report
|
|
59
59
|
```
|
|
60
60
|
|
|
61
|
-
Worker output does not
|
|
62
|
-
output as result and verifier nodes after boundary checks
|
|
61
|
+
Worker output does not change shared run state on its own. CW records accepted
|
|
62
|
+
output as result and verifier nodes after the boundary checks are passed.
|
|
63
63
|
|
|
64
64
|
## ISOLATION BOUNDARIES
|
|
65
65
|
|
|
66
|
-
Isolation is path and contract
|
|
66
|
+
Isolation is based on path and contract.
|
|
67
67
|
|
|
68
|
-
In CW v0.1.8, named Sandbox Profiles
|
|
68
|
+
In CW v0.1.8, named Sandbox Profiles set the worker read paths, write paths,
|
|
69
69
|
command policy, network policy, environment policy, worker output allowances,
|
|
70
70
|
and host enforcement instructions. See `sandbox-profiles.7.md`.
|
|
71
71
|
|
|
@@ -75,11 +75,11 @@ inside `artifacts/` when `workerOutput.artifacts` is allowed, inside `logs/`
|
|
|
75
75
|
when `workerOutput.logs` is allowed, or inside an explicitly allowed path
|
|
76
76
|
passed by the legacy runtime policy.
|
|
77
77
|
|
|
78
|
-
Reads and writes are
|
|
79
|
-
it records. The agent host must enforce
|
|
80
|
-
while the worker is running.
|
|
78
|
+
Reads and writes are shown apart from each other. CW checks the accepted output
|
|
79
|
+
writes that it records. The agent host must enforce the real OS-level read and
|
|
80
|
+
write limits while the worker is running.
|
|
81
81
|
|
|
82
|
-
Out-of-scope output is rejected and
|
|
82
|
+
Out-of-scope output is rejected and kept as:
|
|
83
83
|
|
|
84
84
|
- a failed or rejected worker scope
|
|
85
85
|
- an `error` StateNode
|
|
@@ -101,27 +101,25 @@ Out-of-scope output is rejected and preserved as:
|
|
|
101
101
|
```
|
|
102
102
|
|
|
103
103
|
`worker.json` is the durable worker-scope state record. `manifest.json` is the
|
|
104
|
-
worker-facing
|
|
105
|
-
Keeping them
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
`hostRequired`.
|
|
104
|
+
worker-facing view that hosts and agents read before they write `result.md`.
|
|
105
|
+
Keeping them apart stops a rebuilt manifest from writing over scope-only runtime
|
|
106
|
+
state such as retry counters, lifecycle metadata, or later operator notes. New
|
|
107
|
+
v0.1.8 worker records hold `sandboxProfileId`, `sandboxPolicy`, and a `sandbox`
|
|
108
|
+
host contract with `enforcedByCW` and `hostRequired`.
|
|
110
109
|
|
|
111
110
|
## FAILURE MODES
|
|
112
111
|
|
|
113
|
-
Missing result files are
|
|
112
|
+
Missing result files are worker failures that can be retried.
|
|
114
113
|
|
|
115
|
-
Boundary violations are rejected worker outputs. They are not
|
|
116
|
-
|
|
117
|
-
|
|
114
|
+
Boundary violations are rejected worker outputs. They are not taken into result
|
|
115
|
+
state. Sandbox write denials use `sandbox-write-denied`; unknown and invalid
|
|
116
|
+
profiles use `sandbox-profile-not-found` and `sandbox-profile-invalid`.
|
|
118
117
|
|
|
119
|
-
Verifier failures
|
|
120
|
-
|
|
121
|
-
result.
|
|
118
|
+
Verifier failures stay verifier failures. Worker Isolation keeps the worker
|
|
119
|
+
directory and records feedback so the operator can look at or fix the result.
|
|
122
120
|
|
|
123
121
|
Corrupt run state, unknown workers, and unknown tasks are hard errors because
|
|
124
|
-
the runtime cannot
|
|
122
|
+
the runtime cannot go on safely.
|
|
125
123
|
|
|
126
124
|
## EXAMPLES
|
|
127
125
|
|
|
@@ -151,17 +149,16 @@ node dist/cli.js worker fail <run-id> <worker-id> --message "worker could not in
|
|
|
151
149
|
|
|
152
150
|
## COMPATIBILITY
|
|
153
151
|
|
|
154
|
-
Worker Isolation is
|
|
152
|
+
Worker Isolation is first added in CW v0.1.5. It adds optional worker fields to
|
|
155
153
|
run paths, tasks, dispatch tasks, dispatch records, summaries, and run state.
|
|
156
154
|
|
|
157
|
-
Sandbox Profiles are
|
|
158
|
-
|
|
159
|
-
hosts. New hosts should
|
|
155
|
+
Sandbox Profiles are first added in CW v0.1.8. The legacy `allowedPaths` field
|
|
156
|
+
is still there and now matches the effective write acceptance paths for older
|
|
157
|
+
hosts. New hosts should use `sandboxPolicy.readPaths`,
|
|
160
158
|
`sandboxPolicy.writePaths`, `sandboxPolicy.workerOutput`, and
|
|
161
159
|
`sandbox.hostRequired`.
|
|
162
160
|
|
|
163
|
-
|
|
164
|
-
commands
|
|
165
|
-
|
|
166
|
-
command.
|
|
161
|
+
The existing `plan`, `dispatch`, `result`, `node`, `contract`, and `feedback`
|
|
162
|
+
commands still work. The legacy `result` command still takes a task id and
|
|
163
|
+
result file. The stricter boundary-aware path is the `worker output` command.
|
|
167
164
|
0.1.51
|
|
@@ -27,12 +27,12 @@ node scripts/cw.js plan my-app --question "What should happen?"
|
|
|
27
27
|
|
|
28
28
|
## Description
|
|
29
29
|
|
|
30
|
-
CW
|
|
30
|
+
CW uses the runner as the base system and workflow apps as userland. The
|
|
31
31
|
runner owns state transitions, dispatch, result recording, verifier gates,
|
|
32
|
-
commits, and reports. A workflow app owns
|
|
33
|
-
prompts, evidence
|
|
32
|
+
commits, and reports. A workflow app owns its own inputs, phases, task
|
|
33
|
+
prompts, evidence needs, and sandbox profile hints.
|
|
34
34
|
|
|
35
|
-
The framework is
|
|
35
|
+
The framework is kept small on purpose. The public app helpers are:
|
|
36
36
|
|
|
37
37
|
- `defineWorkflowApp(definition)`
|
|
38
38
|
- `workflow(definition)`
|
|
@@ -41,9 +41,9 @@ The framework is intentionally small. The public app helpers are:
|
|
|
41
41
|
- `artifact(id, prompt, options)`
|
|
42
42
|
- `input(name, options)`
|
|
43
43
|
|
|
44
|
-
Legacy workflow factories
|
|
45
|
-
the legacy wrapper should use
|
|
46
|
-
`legacy-research-synthesis`
|
|
44
|
+
Legacy workflow factories are still good to use. If a canonical app owns the public id,
|
|
45
|
+
the legacy wrapper should use a clear compatibility id such as
|
|
46
|
+
`legacy-research-synthesis` so the same app is not found twice:
|
|
47
47
|
|
|
48
48
|
```js
|
|
49
49
|
module.exports = ({ workflow, phase, agent, artifact }) =>
|
|
@@ -61,7 +61,7 @@ module.exports = ({ workflow, phase, agent, artifact }) =>
|
|
|
61
61
|
|
|
62
62
|
## App Contract
|
|
63
63
|
|
|
64
|
-
A first-class app contract is a
|
|
64
|
+
A first-class app contract is a simple object:
|
|
65
65
|
|
|
66
66
|
```js
|
|
67
67
|
module.exports = defineWorkflowApp({
|
|
@@ -101,30 +101,30 @@ module.exports = defineWorkflowApp({
|
|
|
101
101
|
});
|
|
102
102
|
```
|
|
103
103
|
|
|
104
|
-
The
|
|
104
|
+
The lasting fields are:
|
|
105
105
|
|
|
106
|
-
- `schemaVersion`:
|
|
106
|
+
- `schemaVersion`: now `1`
|
|
107
107
|
- `id`: stable app id, lowercase letters, digits, dots, and hyphens
|
|
108
|
-
- `title`:
|
|
109
|
-
- `summary`: short
|
|
108
|
+
- `title`: name people can read
|
|
109
|
+
- `summary`: short note
|
|
110
110
|
- `version`: semver app version
|
|
111
111
|
- `author`: string or `{ name, url, email }`
|
|
112
112
|
- `workflow`: workflow definition or manifest entrypoint
|
|
113
|
-
- `inputs`:
|
|
114
|
-
- `sandboxProfiles`: named bundled sandbox profiles
|
|
115
|
-
- `compatibility`: optional CW version
|
|
113
|
+
- `inputs`: the input definitions you set
|
|
114
|
+
- `sandboxProfiles`: named bundled sandbox profiles the app uses
|
|
115
|
+
- `compatibility`: optional CW version limits
|
|
116
116
|
- `metadata`: app-owned JSON metadata
|
|
117
117
|
|
|
118
118
|
## App Directory
|
|
119
119
|
|
|
120
|
-
CW also
|
|
120
|
+
CW also finds app directories:
|
|
121
121
|
|
|
122
122
|
```text
|
|
123
123
|
apps/<app-id>/app.json
|
|
124
124
|
apps/<app-id>/workflow.js
|
|
125
125
|
```
|
|
126
126
|
|
|
127
|
-
`app.json`
|
|
127
|
+
`app.json` keeps the app metadata and points at a relative workflow entrypoint:
|
|
128
128
|
|
|
129
129
|
```json
|
|
130
130
|
{
|
|
@@ -139,7 +139,7 @@ apps/<app-id>/workflow.js
|
|
|
139
139
|
}
|
|
140
140
|
```
|
|
141
141
|
|
|
142
|
-
The entrypoint may
|
|
142
|
+
The entrypoint may give out a workflow object or a factory:
|
|
143
143
|
|
|
144
144
|
```js
|
|
145
145
|
module.exports = ({ workflow, phase, agent, input }) => {
|
|
@@ -159,18 +159,18 @@ module.exports = ({ workflow, phase, agent, input }) => {
|
|
|
159
159
|
|
|
160
160
|
## Validation
|
|
161
161
|
|
|
162
|
-
App loading fails closed. CW
|
|
162
|
+
App loading fails closed. CW checks:
|
|
163
163
|
|
|
164
164
|
- app `schemaVersion`, `id`, `title`, and semver `version`
|
|
165
|
-
- input names, types,
|
|
166
|
-
- workflow id/title
|
|
167
|
-
-
|
|
168
|
-
- phase ids and
|
|
169
|
-
- task ids,
|
|
165
|
+
- input names, types, the same input given twice, and boolean flags
|
|
166
|
+
- workflow id/title that match the app id/title
|
|
167
|
+
- limits above zero and `maxConcurrentAgents <= maxAgents`
|
|
168
|
+
- phase ids and the same phase id given twice
|
|
169
|
+
- task ids, the same task id given twice, task kind, prompt, and evidence flags
|
|
170
170
|
- sandbox profile references on the app, workflow, and tasks
|
|
171
|
-
- compatibility
|
|
171
|
+
- compatibility limits against the current CW runtime
|
|
172
172
|
|
|
173
|
-
`cw.js app validate` prints a structured result.
|
|
173
|
+
`cw.js app validate` prints a structured result. Apps that are not valid return nonzero:
|
|
174
174
|
|
|
175
175
|
```json
|
|
176
176
|
{
|
|
@@ -185,7 +185,7 @@ App loading fails closed. CW validates:
|
|
|
185
185
|
}
|
|
186
186
|
```
|
|
187
187
|
|
|
188
|
-
CW does not
|
|
188
|
+
CW does not quietly change broken apps into workflows that can run.
|
|
189
189
|
|
|
190
190
|
## CLI
|
|
191
191
|
|
|
@@ -197,20 +197,20 @@ node scripts/cw.js app init <app-id> --title "Title"
|
|
|
197
197
|
node scripts/cw.js app package <app-id> --output app.cwapp.json
|
|
198
198
|
```
|
|
199
199
|
|
|
200
|
-
`cw.js list`, `cw.js init`, and `cw.js plan`
|
|
201
|
-
legacy workflow files and first-class app directories. `plan`
|
|
200
|
+
`cw.js list`, `cw.js init`, and `cw.js plan` still work the same way. `list` shows
|
|
201
|
+
legacy workflow files and first-class app directories. `plan` takes either
|
|
202
202
|
kind by id.
|
|
203
203
|
|
|
204
204
|
## Canonical Apps
|
|
205
205
|
|
|
206
|
-
CW v0.1.13
|
|
206
|
+
CW v0.1.13 comes with four kept-up canonical app directories:
|
|
207
207
|
|
|
208
208
|
- `architecture-review`
|
|
209
209
|
- `pr-review-fix-ci`
|
|
210
210
|
- `release-cut`
|
|
211
211
|
- `research-synthesis`
|
|
212
212
|
|
|
213
|
-
These apps are official userland
|
|
213
|
+
These apps are the official userland hard tests for the framework. They use set
|
|
214
214
|
inputs, compatibility metadata, sandbox profile hints, and evidence-required
|
|
215
215
|
verification or synthesis/verdict tasks. Validate and plan the full matrix with:
|
|
216
216
|
|
|
@@ -222,7 +222,7 @@ See [canonical-workflow-apps.7.md](canonical-workflow-apps.7.md).
|
|
|
222
222
|
|
|
223
223
|
## MCP
|
|
224
224
|
|
|
225
|
-
The MCP bridge
|
|
225
|
+
The MCP bridge gives matching tools:
|
|
226
226
|
|
|
227
227
|
- `cw_app_list`
|
|
228
228
|
- `cw_app_show`
|
|
@@ -232,16 +232,16 @@ The MCP bridge exposes matching tools:
|
|
|
232
232
|
- `cw_app_run`
|
|
233
233
|
|
|
234
234
|
Tool results are JSON and use the same app summaries and validation issue
|
|
235
|
-
records as the CLI. `cw_app_run`
|
|
236
|
-
`inputs`, then
|
|
237
|
-
|
|
235
|
+
records as the CLI. `cw_app_run` makes a run from an app id and structured
|
|
236
|
+
`inputs`, then gives back the run id, app id/version, state/report paths, the count of
|
|
237
|
+
tasks still waiting, short operator status, and next actions.
|
|
238
238
|
|
|
239
|
-
The full agent-host runtime surface is
|
|
239
|
+
The full agent-host runtime surface is written up in
|
|
240
240
|
[mcp-app-surface.7.md](mcp-app-surface.7.md).
|
|
241
241
|
|
|
242
242
|
## State And Reports
|
|
243
243
|
|
|
244
|
-
Run state
|
|
244
|
+
Run state keeps short app metadata at:
|
|
245
245
|
|
|
246
246
|
```text
|
|
247
247
|
state.json.workflow.app
|
|
@@ -254,7 +254,7 @@ Workflow App: <id>@<version>
|
|
|
254
254
|
Workflow App Source: <manifest-or-entrypoint-path>
|
|
255
255
|
```
|
|
256
256
|
|
|
257
|
-
CW
|
|
257
|
+
CW keeps app identity, version, compatibility, source path, sandbox profile
|
|
258
258
|
references, and metadata. It does not copy workflow source into run state.
|
|
259
259
|
|
|
260
260
|
## Files
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"_comment": "SINGLE SOURCE OF TRUTH for every vendor manifest. Edit THIS file, then run `npm run gen:manifests`. Do NOT hand-edit the generated vendor manifests (.claude-plugin/, .codex-plugin/, .agents/, .mcp.json) — `npm run gen:manifests -- --check` (run by release:check) will fail if they drift from this source.",
|
|
3
3
|
"identity": {
|
|
4
4
|
"name": "cool-workflow",
|
|
5
|
-
"version": "0.1.
|
|
5
|
+
"version": "0.1.84",
|
|
6
6
|
"license": "BSD-2-Clause",
|
|
7
7
|
"homepage": "https://github.com/coo1white/cool-workflow",
|
|
8
8
|
"author": {
|
|
@@ -20,9 +20,9 @@
|
|
|
20
20
|
]
|
|
21
21
|
},
|
|
22
22
|
"descriptions": {
|
|
23
|
-
"short": "
|
|
24
|
-
"standard": "
|
|
25
|
-
"long": "Cool Workflow (CW) is
|
|
23
|
+
"short": "A workflow control plane you are able to check.",
|
|
24
|
+
"standard": "A workflow control plane and run-time you are able to check: it sends out jobs in TypeScript, makes certain of work against facts before it goes through, puts state into fixed records, orders jobs by time, runs jobs again and again, gets a group of agents to do their parts together, and talks MCP. It gives the doing of the work to outside agents — it never runs the models itself.",
|
|
25
|
+
"long": "Cool Workflow (CW) is a workflow control plane and run-time you are able to check. It gives you: a TypeScript COL run-time, Workflow App framework agreements, a Router and Orchestrator, Subagent Dispatch, a same-every-time Harness, a hard-questioning Verifier, Git and State Commit, Sandbox Profiles, time-ordered jobs, jobs that come round again, a high-level Multi-Agent CLI and MCP host face, and an MCP JSON-RPC 2.0 bridge. Builders make workflow apps they are able to use again; CW gives the doing of the work to an outside agent host and keeps a checked, play-again record of state — it never puts a model API inside itself."
|
|
26
26
|
},
|
|
27
27
|
"interface": {
|
|
28
28
|
"displayName": "Cool Workflow",
|